In Advantech WebAccss/SCADA v9.1.3 and prior, there is an arbitrary file upload vulnerability that could allow an attacker to modify the file extension of a certificate file to ASP when uploading it, which can lead to remote code execution.
CPE | Name | Operator | Version |
---|---|---|---|
webaccess\\/scada | le | 9.1.3 |